b"U.S. DEPARTMENT OF COMMERCE\n          Office of Inspector General\n\n\n\n\n                 PUBLIC\n                RELEASE\n\n\n             INTERNATIONAL TRADE\n                  ADMINISTRATION\n\n        Y2K Risk of Interrupted Operations\n           Is Low, but Some Improvements\n             Needed in Day One Planning\n\n        Inspection Report No. OSE-12550 / December 1999\n\n\n\n\n                             Office of Systems Evaluation\n\x0cDecember 21, 1999\n\n\n\nMEMORANDUM FOR:                   Ambassador David L. Aaron\n                                  Under Secretary of Commerce for\n                                   International Trade\n\n\nFROM:                             Johnnie E. Frazier\n\nSUBJECT:                          Final Inspection Report, ITA Y2K Risk of Interrupted Operations\n                                  Is Low, But Some Improvements Needed in Day One Planning\n                                  (Report No. OSE-12550)\n\n\nThe Office of Inspector General has completed a review of the International Trade\nAdministration\xe2\x80\x99s efforts to reduce the risk of business interruption due to the year 2000 (Y2K)\ncentury change. We reviewed ITA\xe2\x80\x99s Day One plan for managing the critical century rollover\nperiod 1 and its contingency plans for continuing operations in case of computer system failures.\n\nWe believe the likelihood of interruption of ITA\xe2\x80\x99s business operations due to Y2K system\nfailures, in general, is low because most activities supported by computers are not time-critical\nand for most failures ITA staff can revert to other computers or manual operations without\nsignificantly degrading performance. We believe ITA\xe2\x80\x99s greatest risks are ensuring that cable\nservices will be available to back-up its Message Processing System at the Telecommunication\nCenter and that adequate preparations have been made for the rollover period. We recommend\nthat ITA complete an agreement for back-up cable services with the Department of State, test\nthese cable services, and refine its Day One plans.\n\nBecause of the short time remaining before the century change and the concurrence of ITA\nofficials, we are issuing this report in final. We presented our concerns to the appropriate ITA\nofficials at an exit briefing held on December 13, 1999, and they have agreed with all of our\nrecommendations and are implementing them. ITA\xe2\x80\x99s memorandum concurring with our\nobservations and recommendations is attached. We would like to thank the dedicated and\nknowledgeable staff at ITA for working with us to complete our review.\n\n\n\n\n        1\n         GAO has defined the century rollover period as December 30, 1999, through January 4, 2000, in its Day\nOne guide, Y2K Computing Challenge: Day One Planning and Operations Guide, GAO/AIMD-10.1.22, October\n1999.\n\x0cU.S. Department of Commerce                                        Final Inspection Report OSE-12550\nOffice of Inspector General                                                           December 1999\n\nBACKGROUND\n\nInternational trade is vital to our nation\xe2\x80\x99s economy. ITA's mission is to help U.S. business\nsucceed globally by encouraging, assisting, and advocating U.S. exports; ensuring U.S.\ncompanies have equal access to foreign markets; and enabling U.S. businesses to compete\nagainst unfairly traded imports. ITA\xe2\x80\x99s mission helps safeguard American jobs and maintain the\ncompetitive strength of American industry. ITA has over 200 offices around the world.\n\nThe Y2K problem results from computer systems that have been programmed with only the last\ntwo digits of a year rather than all four. This approach can cause computer systems to fail\nbecause they will not be able to distinguish between the years 1900 and 2000. ITA does not\nperform many time-critical computer operations but does need to avoid interruptions caused by\nY2K system defects.\n\nPURPOSE AND SCOPE\n\nThe purpose of this review is to reduce the risk of business interruption due to the year 2000\ncentury change by assessing ITA\xe2\x80\x99s contingency and Day One plans and recommending practical\nrisk mitigation activities. Specifically, we reviewed the ITA Business Continuity and\nContingency Plan matrix, the ITA high level Day One plan, and Day One plans from ITA\nbusiness units. We also interviewed representatives responsible for contingencies for four\nsystems: the Client Management System (CMS), the Message Processing System (MPS), the\nCentral Records Information Management System (CRIMS) and the Anti-Dumping/\nCountervailing Duty System (AD/CVDS). Because time was limited, we did not review all the\nsystems identified in the Business Continuity and Contingency matrix (i.e., Trade Policy\nInformation System, Textile Information System, or ITA's financial management systems).\nAlso, we did not review the Y2K compliance of ITA\xe2\x80\x99s computer systems.\n\nOur criteria were derived from GAO and OMB guidelines for the Y2K computing crisis,\nresearch institutions, and best practices. Our work was performed in accordance with the\nInspector General Act of 1978, as amended, and the Quality Standards for Inspections, March\n1993, issued by the President\xe2\x80\x99s Council on Integrity and Efficiency. We conducted our\nfieldwork between October and December 1999.\n\nOBSERVATIONS AND CONCLUSIONS\n\nI.     ITA\xe2\x80\x99s Risk of Interrupted Service Is Low\n\nITA's risk of business interruption due to Y2K system failures, in general, is low because most\nactivities supported by computers are not time-critical and for most failures ITA staff can revert\nto other computers or manual operations without significantly degrading performance. For\n\n\n                                                 2\n\x0cU.S. Department of Commerce                                               Final Inspection Report OSE-12550\nOffice of Inspector General                                                                  December 1999\n\nexample, two of the systems we reviewed (CRIMS and AD/CVDS) are used by ITA's Import\nAdministration for analysis of unfair import cases. These cases must be completed within 160\ndays. Reverting to manual operations for several days would not significantly jeopardize\ncompleting these cases in time. The Import Administration staff has already prepared to use\nmanual operations for cases that are due around the century rollover, and the staff is familiar\nwith manual operations. In other situations, alternate computers or communications networks\ncan be used if primary facilities fail. For example, if the e-mail component of the CMS platform2\nfails, then ITA's United States Foreign and Commercial Service worldwide offices will use the\nInternet for communications.\n\nII.    The Message Processing System Contingency Plan Needs to Be Completed\n\nITA Telecommunication Center's (TCC) Message Processing System receives and sends cables\nvia the State Department cable services. The system is an important means of communication\nfor ITA headquarters and worldwide offices. Over 150 individuals and organizations at\nCommerce Department headquarters use the MPS to exchange budget, personnel, and trade\ninformation. The system carries up to 1,200 cables per day. Fifteen percent of the cables are\nclassified and less than one percent are urgent. MPS operators are required to acknowledge\nreceipt of urgent cables to the sender within 15 minutes. MPS hardware components are fully\nredundant, and TCC has a maintenance contract with the MPS vendor, the Xerox Corporation.\n\nThe MPS contingency plans depend on cable services provided by the State Department. If\nMPS fails and cannot be repaired within eight hours, then TCC plans to send a request (via MPS\nsignal, telephone line, or facsimile) to the State Department Beltsville cable center to re-route\nmessages to Annex 44 3. Annex 44 will print the cables and file them for pick-up by TCC staff.\nIf Annex 44 is unavailable, then the Beltsville cable center will print and file the cables for pick-\nup. If Beltsville is unavailable, then alternate means for communicating, such as e-mail and\nsecure telephones, will be used. Also, TCC will serve as back-up for Annex 44.\n\nTo prepare for this contingency, TCC drafted a Memorandum of Understanding (MOU) for\nsignature by the three parties TCC, Annex 44, and the Beltsville cable center. However, by the\nend of our field work, the first two parties had signed the agreement, but the Beltsville cable\ncenter had not. Although TCC officials stated that even without the MOU, cables could be re-\nrouted, we believe that a signed agreement will provide further assurance that the State\nDepartment cable service will be available for MPS back-up.\n\n\n\n\n       2\n           The CMS platform is Lotus-Notes.\n       3\n           Formerly, Annex 44 was the United States Information Agency.\n\n                                                      3\n\x0cU.S. Department of Commerce                                      Final Inspection Report OSE-12550\nOffice of Inspector General                                                         December 1999\n\nWe are also concerned that this contingency has not been tested. TCC has never tried to re-\nroute cables as described in the contingency plan. Finally, MPS files are routinely backed up\neach quarter year. The files were last backed up in October, and another back-up is not planned\nuntil after the century rollover. It would be prudent to back up the files close to the century\nrollover in order to have the most up-to-date files in case MPS needs to be restarted due to a\nY2K failure.\n\nITA has agreed to complete the MOU, test the MPS contingency, and back up the MPS files\ncloser to December 30.\n\nIII. ITA Should Update and Validate Its Day One Plan\n\nThe days surrounding the century rollover are critical to Y2K planning. Although systems and\nbusiness operations will be most vulnerable to Y2K-induced interruption during this period,\nproper Day One planning can minimize the adverse impacts. Day One plans describe a\ncomprehensive set of actions to perform during the century rollover period from December 30\nthrough January 4. Primarily, they describe procedures for minimizing problems and reporting\nthe status of business operations to executive management, business partners, and the public.\nDay One plans should include the following information to be effective:\n\nl      System back-up procedures to establish stable baselines of data if systems fail and need\n       to be restarted.\n\nl      System shutdown and start-up procedure to minimize the impact of power surges and\n       ensure orderly activation of systems to determine whether they function properly in the\n       new millennium.\n\nl      Staff responsibilities and schedules for carrying out the Day One plan.\n\nl      Maintenance contract contacts.\n\nl      Status reporting procedures, including the means of reporting, when to report, and what\n       information to report.\n\nl      Activities supporting contingencies, such as printing computer files required for manual\n       back-up procedures.\n\nThe ITA Day One plan we reviewed was general and did not contain the level of detail\nnecessary to carry out an effective Day One strategy. However, ITA has informed us that it is\nupdating its plans with more details. The ITA plan will cover headquarters and worldwide\noperations. ITA\xe2\x80\x99s Day One plan will include appendixes provided by ITA units describing their\nspecific Day One activities. ITA's United States and Foreign Commercial Service, the business\n\n                                               4\n\x0cU.S. Department of Commerce                                      Final Inspection Report OSE-12550\nOffice of Inspector General                                                         December 1999\n\nunit responsible for international operations, has already issued its Day One plan. We also\nbelieve that ITA should validate its Day One plan through an independent desktop review to\nensure that it will work properly.\n\nITA has agreed to complete a detailed Day One plan for headquarters and worldwide locations\ncontaining the information listed above and to validate the plan through a desktop review.\n\n\nRECOMMENDATIONS\n\nWe recommend that the Under Secretary ensure that:\n\n1.     ITA updates and completes a detailed Day One plan. The plan must include a\n       comprehensive set of actions for ITA headquarters and all ITA business units. The plan\n       should document, at a minimum: back-up, shutdown, and start-up procedures;\n       government and contractor staff assignments and schedules; maintenance vendor\n       contacts; status reporting procedures; and any activities necessary to support\n       contingencies, such as printing computer files for manual back-ups.\n\n2.     ITA validates the updated Day One plan through an independent desktop review to\n       ensure that it will work properly.\n\n3.     The ITA Telecommunication Center\n\n       a.      Completes the Memorandum of Understanding with the Department of State\n               Beltsville cable center for contingency services.\n\n       b.      Tests the contingency for cable services, including rerouting cables to Annex 44\n               and the Beltsville cable center.\n\n       c.      Backs up the Message Processing System files closer to December 30.\n\n\n\n\n                                               5\n\x0c\x0c"